{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T05:21:07Z","timestamp":1775107267265,"version":"3.50.1"},"reference-count":171,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2021,5,3]],"date-time":"2021-05-03T00:00:00Z","timestamp":1620000000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2022,5,31]]},"abstract":"\n Application layer\n Denial-of-Service (DoS)<\/jats:bold>\n attacks are generated by exploiting vulnerabilities of the protocol implementation or its design. Unlike volumetric DoS attacks, these are stealthy in nature and target a specific application running on the victim. There are several attacks discovered against popular application layer protocols in recent years. In this article, we provide a structured and comprehensive survey of the existing application layer DoS attacks and defense mechanisms. We classify existing attacks and defense mechanisms into different categories, describe their working, and compare them based on relevant parameters. We conclude the article with directions for future research.\n <\/jats:p>","DOI":"10.1145\/3448291","type":"journal-article","created":{"date-parts":[[2021,5,4]],"date-time":"2021-05-04T03:42:46Z","timestamp":1620099766000},"page":"1-33","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":63,"title":["Application Layer Denial-of-Service Attacks and Defense Mechanisms"],"prefix":"10.1145","volume":"54","author":[{"given":"Nikhil","family":"Tripathi","sequence":"first","affiliation":[{"name":"Fraunhofer Institute for Secure Information Technology, Hessen, Germany"}]},{"given":"Neminath","family":"Hubballi","sequence":"additional","affiliation":[{"name":"Indian Institute of Technology Indore, Madhya Pradesh, India"}]}],"member":"320","published-online":{"date-parts":[[2021,5,3]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10586-015-0528-7"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCST.2014.6987039"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-01854-6_55"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10115-012-0595-5"},{"key":"e_1_2_1_5_1","volume-title":"Site\u2019s History, Targeted at Anti-Censorship Tools. Retrieved","author":"Anthony Sebastian","year":"2021"},{"key":"e_1_2_1_6_1","volume-title":"Security Mechanism Agreement for the Session Initiation Protocol (SIP). RFC 3329. Retrieved","author":"Arkko Jari","year":"2021"},{"key":"e_1_2_1_7_1","volume-title":"Hackers Leave Finnish Residents Cold After DDoS Attack Knocks Out Heating Systems. Retrieved","author":"Ashok India","year":"2021"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455796"},{"key":"e_1_2_1_9_1","volume-title":"Halt Transportation Services in Sweden. Retrieved","author":"Barth Bradley","year":"2021"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2011.39"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/bxt031"},{"key":"e_1_2_1_12_1","volume-title":"Retrieved","author":"Boulevard Security","year":"2021"},{"key":"e_1_2_1_13_1","volume-title":"The Resource Public Key Infrastructure (RPKI) to Router Protocol. RFC 6810. Retrieved","author":"Bush Randy","year":"2021"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/FiCloud.2014.72"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2017.05.005"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJTMCC.2013.056440"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-19713-5_22"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2019.01.007"},{"key":"e_1_2_1_19_1","volume-title":"Model Selection Based on Expected Squared Hellinger Distance","author":"Cao Xiaofan"},{"key":"e_1_2_1_20_1","first-page":"25","article-title":"Anatomy of SIP attacks. login","volume":"37","author":"Ceron Jo\u00e3o Marcelo","year":"2012","journal-title":"The Magazine of USENIX & SAGE"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/VOIPMS.2006.1638123"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOMW.2013.6824989"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SMC.2013.34"},{"key":"e_1_2_1_24_1","volume-title":"Dynamic ARP Inspection. Retrieved","year":"2021"},{"key":"e_1_2_1_25_1","unstructured":"Cisco. 2013. Port Security. Retrieved March 6 2021 from http:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst6500\/ios\/12-2SX\/configuration\/guide\/book\/port_sec.html. Cisco. 2013. Port Security. Retrieved March 6 2021 from http:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst6500\/ios\/12-2SX\/configuration\/guide\/book\/port_sec.html."},{"key":"e_1_2_1_26_1","volume-title":"DDoS Attacks Against US Banks Peaked at 60 Gbps. Retrieved","author":"Constantin Lucian","year":"2021"},{"key":"e_1_2_1_27_1","volume-title":"Apache Core Features. Retrieved","year":"2021"},{"key":"e_1_2_1_28_1","volume-title":"Internet Message Access Protocol\u2014Version 4rev1. RFC 3501. Retrieved","author":"Crispin Mark R.","year":"2021"},{"key":"e_1_2_1_29_1","volume-title":"Cyber Attack Management for Metasploit. Retrieved","year":"2021"},{"key":"e_1_2_1_30_1","volume-title":"How to Not Break the Internet. Retrieved","author":"Daily Kaspersky","year":"2021"},{"key":"e_1_2_1_31_1","volume-title":"Proceedings of the Joint Intelligence and Security Informatics Conference (JISIC\u201914)","author":"Dantas Yuri Gil"},{"key":"e_1_2_1_32_1","volume-title":"Dynamic Host Configuration Protocol (DHCP) authentication using Challenge Handshake Authentication Protocol (CHAP). Patent No. US8555347B2. Issued","author":"de Graaf Kathryn","year":"2013"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/1-4020-8143-X_30"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23231"},{"key":"e_1_2_1_35_1","unstructured":"GitHub. 2017. DHCPig. Retrieved March 6 2021 from https:\/\/github.com\/kamorin\/DHCPig. GitHub. 2017. DHCPig. Retrieved March 6 2021 from https:\/\/github.com\/kamorin\/DHCPig."},{"key":"e_1_2_1_36_1","volume-title":"The TLS Protocol Version 1.0. RFC 2246. Retrieved","author":"Dierks Tim","year":"2021"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3281411.3281413"},{"key":"e_1_2_1_38_1","volume-title":"Proceedings of the International Conference on Applications and Theory of Petri Nets (ATPN\u201908)","author":"Lay"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2007.102"},{"key":"e_1_2_1_40_1","volume-title":"dns-flood-ng. Retrieved","year":"2021"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2003.10.003"},{"key":"e_1_2_1_42_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX Security\u201916)","author":"Dowling Benjamin","year":"2016"},{"key":"e_1_2_1_43_1","volume-title":"Dynamic Host Configuration Protocol. RFC 2131. Retrieved","author":"Droms Ralph","year":"2021"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICON.2011.6168490"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2009.09.004"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2008.03.016"},{"key":"e_1_2_1_47_1","volume-title":"Top 10 Distributed Denial of Service (DDoS) Protection Vendors. Retrieved","author":"Planet Security","year":"2021"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2012.6211937"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2003.1194894"},{"key":"e_1_2_1_50_1","volume-title":"ypertext Transfer Protocol\u2014HTTP\/1.1. RFC 2616 Retrieved","author":"Fielding Roy T.","year":"2021"},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.100613.00161"},{"key":"e_1_2_1_52_1","volume-title":"The Largest Cyber Attack in History Has Been Hitting Hong Kong Sites. Retrieved","year":"2021"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2006.11.014"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2006.253270"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2009.04.007"},{"key":"e_1_2_1_56_1","unstructured":"Gobbler. 2003. Home Page. Retrieved March 6 2021 from http:\/\/gobbler.sourceforge.net\/. Gobbler. 2003. Home Page. Retrieved March 6 2021 from http:\/\/gobbler.sourceforge.net\/."},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/NCC.2016.7561121"},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2632071"},{"key":"e_1_2_1_59_1","volume-title":"Natalia Stakhanova, and Ali A. Ghorbani.","author":"Gonzalez Hugo","year":"2015"},{"key":"e_1_2_1_60_1","volume-title":"Proceedings of the International Conference on Distributed Computing Systems (ICDCS\u201906)","author":"Guo Fanglu","year":"2006"},{"key":"e_1_2_1_61_1","volume-title":"SIP: Session Initiation Protocol. RFC 2543. Retrieved","author":"Handley M.","year":"1999"},{"key":"e_1_2_1_62_1","volume-title":"HTTP Unbearable Load King. Retrieved","year":"2021"},{"key":"e_1_2_1_63_1","volume-title":"Incident of the Week: DDoS Attack Hits 3 Banks Simultaneously. Retrieved","author":"Hub CS","year":"2021"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2017.8254001"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2018.2868816"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2020.2999856"},{"key":"e_1_2_1_67_1","volume-title":"C","author":"Hubballi Neminath","year":"2017"},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2017.04.001"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1328"},{"key":"e_1_2_1_70_1","volume-title":"Q4 2017 Global DDoS Threat Landscape. Retrieved","year":"2021"},{"key":"e_1_2_1_71_1","unstructured":"Imperva. 2017. Slowloris. Retrieved March 6 2021 from https:\/\/www.imperva.com\/learn\/application-security\/slowloris\/. Imperva. 2017. Slowloris. Retrieved March 6 2021 from https:\/\/www.imperva.com\/learn\/application-security\/slowloris\/."},{"key":"e_1_2_1_72_1","volume-title":"2019 Global DDoS Threat Landscape Report. Retrieved","year":"2021"},{"key":"e_1_2_1_73_1","volume-title":"Are You Ready for Slow Reading? Retrieved","author":"Qualys Inc.","year":"2021"},{"key":"e_1_2_1_74_1","volume-title":"Trends, COVID-19 Impact, And Forecasts (2021-2026). Retrieved","author":"Intelligence Mordor","year":"2021"},{"key":"e_1_2_1_75_1","volume-title":"inviteflood Package Description. Retrieved","author":"Tools Kali","year":"2021"},{"key":"e_1_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2017.03.018"},{"key":"e_1_2_1_77_1","first-page":"1","article-title":"Entropy-based application layer DDoS attack detection using artificial neural networks","volume":"18","author":"Singh Khundrakpam Johnson","year":"2016","journal-title":"Entropy"},{"key":"e_1_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1109\/INM.2015.7140298"},{"key":"e_1_2_1_79_1","volume-title":"Proceedings of the International Workshop on Critical Information Infrastructures Security (CRITIS\u201907)","author":"Kambourakis Georgios","year":"2007"},{"key":"e_1_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2011.031611.00112"},{"key":"e_1_2_1_81_1","volume-title":"Simple Mail Transfer Protocol. RFC 5321. Retrieved","author":"Klensin John C.","year":"2021"},{"key":"e_1_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2012.011812.110125"},{"key":"e_1_2_1_83_1","doi-asserted-by":"publisher","DOI":"10.1186\/1687-1499-2011-50"},{"key":"e_1_2_1_84_1","volume-title":"The DDoS Attack Against Dyn One Year Later. Retrieved","author":"Lewis Dave","year":"2021"},{"key":"e_1_2_1_85_1","doi-asserted-by":"crossref","volume-title":"NTP Security: A Quick-Start Guide","author":"Liska Allan","DOI":"10.1007\/978-1-4842-2412-0"},{"key":"e_1_2_1_86_1","volume-title":"Proceedings of the Australasian Conference on Computer Science (ACSC\u201909)","author":"Liu Lin","year":"2009"},{"key":"e_1_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2011.8"},{"key":"e_1_2_1_88_1","volume-title":"Low Orbit Ion Cannon. Retrieved","year":"2021"},{"key":"e_1_2_1_89_1","first-page":"49","article-title":"On the generalised distance in statistics","volume":"2","author":"Mahalanobis Prasanta C.","year":"1936","journal-title":"National Institute of Sciences of India"},{"key":"e_1_2_1_90_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23090"},{"key":"e_1_2_1_91_1","doi-asserted-by":"publisher","DOI":"10.1145\/2935634.2935637"},{"key":"e_1_2_1_92_1","volume-title":"Proceedings of the International Conference on Financial Cryptography and Data Security (FC\u201917)","author":"Malhotra A."},{"key":"e_1_2_1_93_1","volume-title":"Top 10 DDoS Protection Vendors. Retrieved","author":"Management Enterprise","year":"2021"},{"key":"e_1_2_1_94_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJICS.2015.073028"},{"key":"e_1_2_1_95_1","volume-title":"Cyberattacks Using Mirai Botnet Temporarily Knock Out Liberia\u2019s Internet. Retrieved","author":"Mascarenhas Hyacinth","year":"2021"},{"key":"e_1_2_1_96_1","doi-asserted-by":"publisher","DOI":"10.1109\/INM.2011.5990708"},{"key":"e_1_2_1_97_1","unstructured":"GitHub. 2018. Metasploit. Retrieved March 6 2021 from https:\/\/github.com\/rapid7\/metasploit-framework\/wiki\/Nightly-Installers. GitHub. 2018. Metasploit. Retrieved March 6 2021 from https:\/\/github.com\/rapid7\/metasploit-framework\/wiki\/Nightly-Installers."},{"key":"e_1_2_1_98_1","volume-title":"What Is Azure Web Application Firewall on Azure Application Gateway? Retrieved","year":"2021"},{"key":"e_1_2_1_99_1","doi-asserted-by":"crossref","unstructured":"D. Mills J. Martin J. Burbank and W. Kasch. 2010. Network Time Protocol Version 4: Protocol and Algorithms Specification. RFC 5905. Retrieved March 6 2021 from https:\/\/tools.ietf.org\/html\/rfc2616. D. Mills J. Martin J. Burbank and W. Kasch. 2010. Network Time Protocol Version 4: Protocol and Algorithms Specification. RFC 5905. Retrieved March 6 2021 from https:\/\/tools.ietf.org\/html\/rfc2616.","DOI":"10.17487\/rfc5905"},{"key":"e_1_2_1_100_1","volume-title":"Alternative Media Continue. Retrieved","author":"NUJP.","year":"2021"},{"key":"e_1_2_1_101_1","doi-asserted-by":"publisher","DOI":"10.1145\/997150.997156"},{"key":"e_1_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISPCS.2012.6336621"},{"key":"e_1_2_1_103_1","volume-title":"Security Requirements of Time Protocols in Packet Switched Networks. RFC 7384 (Informational). Retrieved","author":"Mizrahi Tal","year":"2021"},{"key":"e_1_2_1_104_1","volume-title":"mod_antiloris. Retrieved","year":"2021"},{"key":"e_1_2_1_105_1","volume-title":"mod_limitipconn. Retrieved","year":"2020"},{"key":"e_1_2_1_106_1","volume-title":"mod_reqtimeout. Retrieved","year":"2021"},{"key":"e_1_2_1_107_1","doi-asserted-by":"publisher","DOI":"10.5555\/1140814.1140815"},{"key":"e_1_2_1_108_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2015.7249476"},{"key":"e_1_2_1_109_1","volume-title":"Anonymous Attacks Spanish Government Sites. Retrieved","author":"Muncaster Phil","year":"2021"},{"key":"e_1_2_1_110_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-87403-4_17"},{"key":"e_1_2_1_111_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2015.240"},{"key":"e_1_2_1_112_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2009.5199191"},{"key":"e_1_2_1_113_1","volume-title":"Bitcoin Gold Website Down Following DDoS Attack. Retrieved","author":"O\u2019Leary Rachel Rose","year":"2021"},{"key":"e_1_2_1_114_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2007.42"},{"key":"e_1_2_1_115_1","volume-title":"DHCP Relay Agent Information Option. RFC 3046. Retrieved","author":"Patrick Michael","year":"2021"},{"key":"e_1_2_1_116_1","doi-asserted-by":"publisher","DOI":"10.1145\/1216370.1216373"},{"key":"e_1_2_1_117_1","volume-title":"An Ethernet Address Resolution Protocol. RFC 826. Retrieved","author":"Plummer David C.","year":"2021"},{"key":"e_1_2_1_118_1","volume-title":"File Transfer Protocol (FTP). RFC 959. Retrieved","author":"Postel Jon","year":"2021"},{"key":"e_1_2_1_119_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2870658"},{"key":"e_1_2_1_120_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2008.926503"},{"key":"e_1_2_1_121_1","volume-title":"Breaks New Ground for IoT Malware. Retrieved","author":"Reading DARK","year":"2021"},{"key":"e_1_2_1_122_1","volume-title":"DDoS Attacks Plague Olympic & Brazilian Government Websites. Retrieved","author":"Reo Joy","year":"2021"},{"key":"e_1_2_1_123_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS\u201903)","author":"Reynolds Brennen","year":"2003"},{"key":"e_1_2_1_124_1","volume-title":"Retrieved","author":"Robinson Teri","year":"2020"},{"key":"e_1_2_1_125_1","volume-title":"SIP: Session Initiation Protocol. RFC 3261. Retrieved","author":"Rosenberg Jonathan","year":"2002"},{"key":"e_1_2_1_126_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23233"},{"key":"e_1_2_1_127_1","volume-title":"R-U-Dead-Yet Denial of Service Tool 2.2. Retrieved","author":"Storm Packet","year":"2021"},{"key":"e_1_2_1_128_1","volume-title":"Welcome to Scapy\u2019s Documentation! Retrieved","year":"2021"},{"key":"e_1_2_1_129_1","volume-title":"DDoS Attack Slams HSBC. Retrieved","author":"Schwartz Mathew J.","year":"2021"},{"key":"e_1_2_1_130_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2018.02.025"},{"key":"e_1_2_1_131_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPDS.2007.70786"},{"key":"e_1_2_1_132_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2012.12.004"},{"key":"e_1_2_1_133_1","volume-title":"Is it congestion or a DDoS attack?IEEE Communications Letters 13, 7","author":"Shevtekar Amey","year":"2009"},{"key":"e_1_2_1_134_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISPCS.2013.6644754"},{"key":"e_1_2_1_135_1","doi-asserted-by":"publisher","DOI":"10.1109\/IC2E.2014.38"},{"key":"e_1_2_1_136_1","volume-title":"C","author":"Singh Karanpreet","year":"2017"},{"key":"e_1_2_1_137_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2018.03.030"},{"key":"e_1_2_1_138_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2017.09.004"},{"key":"e_1_2_1_139_1","volume-title":"Proceedings of the Conference on Tencon-Spring (TENCON\u201913)","author":"Sivabalan Sujatha"},{"key":"e_1_2_1_140_1","volume-title":"Download SlowDroid DoS Tool 0.87.5 APK. Retrieved","author":"Italy Network Security","year":"2021"},{"key":"e_1_2_1_141_1","volume-title":"Application Layer DoS attack simulator. Retrieved","author":"Shekyan Sergey","year":"2021"},{"key":"e_1_2_1_142_1","unstructured":"Oscar Andersson. 2013. Slowloris. Retrieved March 6 2021 from https:\/\/github.com\/Ogglas\/Orignal-Slowloris-HTTP-DoS\/blob\/master\/slowloris.pl. Oscar Andersson. 2013. Slowloris. Retrieved March 6 2021 from https:\/\/github.com\/Ogglas\/Orignal-Slowloris-HTTP-DoS\/blob\/master\/slowloris.pl."},{"key":"e_1_2_1_143_1","volume-title":"Simulator)\u2014VoIP Monitoring and Testing Tool.Retrieved","year":"2021"},{"key":"e_1_2_1_144_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSS.2011.6058569"},{"key":"e_1_2_1_145_1","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2008.ECP.397"},{"key":"e_1_2_1_146_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2011.22"},{"key":"e_1_2_1_147_1","doi-asserted-by":"publisher","DOI":"10.1109\/icc.2011.5963248"},{"key":"e_1_2_1_148_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2302298"},{"key":"e_1_2_1_149_1","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2009.5426267"},{"key":"e_1_2_1_150_1","volume-title":"Insider Threat 2018 Report. Retrieved","author":"Technologies CA","year":"2021"},{"key":"e_1_2_1_151_1","volume-title":"Welcome to NTPsec. Retrieved","year":"2021"},{"key":"e_1_2_1_152_1","doi-asserted-by":"publisher","DOI":"10.1109\/ANTS.2015.7413661"},{"key":"e_1_2_1_153_1","doi-asserted-by":"publisher","DOI":"10.1109\/ANTS.2016.7947848"},{"key":"e_1_2_1_154_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-017-0310-x"},{"key":"e_1_2_1_155_1","volume-title":"C","author":"Tripathi Nikhil","year":"2018"},{"key":"e_1_2_1_156_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102135"},{"key":"e_1_2_1_157_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2016.20"},{"key":"e_1_2_1_158_1","volume-title":"Proceedings of the International Conference on Computational Intelligence and Computing Research (ICCIC\u201913)","author":"Tripathi Nikhil"},{"key":"e_1_2_1_159_1","volume-title":"Proceedings of the International Conference on Control, Instrumentation, Communication, and Computational Technologies (ICCICCT\u201914)","author":"Tripathi Nikhil"},{"key":"e_1_2_1_160_1","doi-asserted-by":"publisher","DOI":"10.1109\/ANTS.2017.8384122"},{"key":"e_1_2_1_161_1","volume-title":"Spotify, Others. Retrieved","year":"2021"},{"key":"e_1_2_1_162_1","volume-title":"Method and apparatus for detecting spoofed network traffic. Patent No. US8281397B2. Issued","author":"Vaidyanathan Ravichander","year":"2012"},{"key":"e_1_2_1_163_1","volume-title":"Proceedings of the Global Telecommunications Conference (GLOBECOM\u201911)","author":"Wang Jin","year":"2011"},{"key":"e_1_2_1_164_1","volume-title":"Proceedings of the International Conference on Dependable Systems and Networks (DSN\u201904)","author":"Wu Yu-Sung","year":"2004"},{"key":"e_1_2_1_165_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2008.923716"},{"key":"e_1_2_1_166_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2008.925628"},{"key":"e_1_2_1_167_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2014.6883402"},{"key":"e_1_2_1_168_1","doi-asserted-by":"publisher","DOI":"10.1109\/PACRIM.2007.4313218"},{"key":"e_1_2_1_169_1","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.031413.00127"},{"key":"e_1_2_1_170_1","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2016.0098"},{"key":"e_1_2_1_171_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.18"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3448291","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3448291","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:47:41Z","timestamp":1750193261000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3448291"}},"subtitle":["A Survey"],"short-title":[],"issued":{"date-parts":[[2021,5,3]]},"references-count":171,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2022,5,31]]}},"alternative-id":["10.1145\/3448291"],"URL":"https:\/\/doi.org\/10.1145\/3448291","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,5,3]]},"assertion":[{"value":"2019-09-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-01-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-05-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}